Nearly every organization acquires, processes, and stores highly sensitive records. Among these records is personally identifiable information (PII) about its customers, employees, patients, students, and other individuals. Organizations are expected to closely guard this private data secure and manage access appropriately. Other concerns include data leakage, either by accident or by malicious intent, and by privileged insiders or by malicious outsiders, which can lead to loss of sensitive data, identity theft, and financial loss. For example, one challenge facing organizations is how to protect against deliberate internal attacks on the organization's data systems by trusted internal users (e.g., highly privileged administrators such as database administrators (“DBAs”)), while still allowing those users to perform their jobs.
There is a legal and consumer-wide requirement to encrypt sensitive data (e.g., PII data) that is stored, for example, in relational databases. However, encryption tends to break applicative logic (e.g., application/user functions such as search, sort, etc.), resulting in functionality loss. One such functionality loss is in pattern searches such as LIKE % xx %, CONTAINS, and REGEX searches. In addition, current encryption schemes do not support order preserving and/or pattern matching.
Throughout the drawings and the detailed description, unless otherwise described, the same drawing reference numerals will be understood to refer to the same elements, features, and structures. The relative size and depiction of these elements may be exaggerated or adjusted for clarity, illustration, and/or convenience.